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CLAIMS 

\ A method of authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 
channel, saidonethod including the steps of: 
5 generating a first challenge signal of minimum duration T, where T is a fixed 

time interval; 

generating aNrandom number x, computing g x modulo p, where g and p are 
numbers, deriving a key k A from g x modulo p, encrypting said first challenge signal 
with k A and a symmetricvkey cryptosystem, and sending a first ciphertext to said 
1 0 remote party; \ 

receiving a second ciphertext from said remote party, sending g x modulo p to 
said remote party, and startingNa clock; 

receiving a third ciphertext and g y mohulojp^tom said remote party, stopping 
the clock, and computing an elaps<sd time interval of said clock; 
1 5 deriving a key ke from g y m^lulo p, comptxtmg g xy modulo p, deriving a key 

kAB from g xy modulo p, decrypting saM second ciphertext with ke to recover a second 
challenge signal from said remote partA decrypting said third ciphertext to recover a 
first response signal from said remote pa 

verifying that said elapsed time of the clock is within a predetermined interval 
20 (TLa, TUa), where TLa and TUa are positive\numbers; 

verifying that said second challenge signal is produced by said remote party; 

producing a second response signal of minimum duration T, encrypting said 
second response signal with kAB and sending a fourth ciphertext to said remote party; 

verifying that said first response signal is a response produced by said remote 
25 party to said first challenge signal; and 

generating a key k from g xy modulo p for secure communications with said 
remote party. 

2. The method according to claim 1, wherein T is larger than the channel 
30 transmission and processing delay. 
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3\ The method according to claim 1, wherein said challenge signals and 
response signals represent biometrics characteristics of the producing parties. 

4. vThe method according to claim 3, wherein said biometrics 
5 characteristics include the voice of a person. 

5. The method according to claim 1 -er37 wherein verification of said first 
response signal and said second challenge signal from said remote party is based on 
familiarity of remote party's biometrics characteristics. 



10 



The method\according to clainTlTwherein encryption of said challenge 



and response signals is perfoYmed using a crypta^aphic commitment function 




7. The method according to claijn-t; where TL A is ti + t2 and TUa is ti + 
15 t2 + T, with ti being the duration o^said first challenge signal and t2 being the duration 

of said first response signal. 

8. An apparatus for authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 

20 channel, said apparatus including: \ 

means for generating a first challenge signal of minimum duration T, where T 
is a fixed time interval; \ 

means for generating a random number x, computing g x modulo p, where g 
and p are numbers, deriving a key k A from g x modulo\p, encrypting said first challenge 
25 signal with k A and a symmetric key cryptosystem, and sending a first ciphertext to said 
remote party; 

means for receiving a second ciphertext from said remote party, sending g x 
modulo p to said remote party, and starting a clock; \ 

means for receiving a third ciphertext and g y modulo p from said remote party, 
30 stopping the clock, and computing an elapsed time interval of said clock; 



10 
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.means for deriving a key ke from g y modulo p, computing g xy modulo p, 
deriving a key kAB from g xy modulo p, decrypting said second ciphertext with ke to 
recover a second challenge signal from said remote party, decrypting said third 
ciphertext to recover a first response signal from said remote party; 

means fok verifying that said elapsed time of the clock is within a 
predetermined interval (TL A , TUa), where TL A and TUa are positive numbers; 

means for verifying that said second challenge signal is produced by said 
remote party; 

means for producing a second response signal of minimum duration T, 
encrypting said second response signal with kAB aixcLsending a fourth ciphertext to 
said remote party; \ / 

means for verifying that Wd first response^^nal is a response produced by 
said remote party to said first challenge signal; ^nd J 

means for generating a key k trom g xy modulo p for secure communications 
with said remote party. 



9. The apparatus according to claim 8, wherein T is larger than the 
channel transmission and processing delay. 



20 



10. The apparatus according to claim 8, wherein said challenge signals and 
response signals represent biometrics characteristics c^f the producing parties. 



(K 



25 



11. The apparatus according to claim 10, where^i said biometrics 
characteristics include the voice of a person. 

12. The apparatus according to claim 8 jer^Cf, wherein Verification of said 
first response signal and said second challenge signal from said remote party is based 
on familiarity of remote party's biometrics characteristics. 




V 
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The apparatus according to claim 8, wherein encryption of said 
challenge and response signals is performed using a cryptographic commitment 
function. 



14. Thk apparatus according to claim 8, where TL A is ti + t 2 and TU A is ti 
+ t2 + T, with ti beingthe duration of said first challenge signal and t 2 being the 
duration of said first response signal. 



or-generating a first challenge signal 



interval, 

for generating a random number x, 



15. A computer Wogram product having a computer usable medium having 
10 a computer readable program code means embodied therein for authenticating a 
remote party and establishing a « 

insecure communications channel)\said computer program product including: 

computer readable program code means-- £ 
of minimum duration T, where T is a toed time. 
1 5 computer readable program codeVieans 

computing g x modulo p, where g and p are Vumbers, deriving a key k A from g x modulo 
p, encrypting said first challenge signal with Ka and a symmetric key cryptosystem, 
and sending a first ciphertext to said remote party; 

computer readable program code means ror receiving a second ciphertext from 
20 said remote party, sending g x modulo p to said remqte party, and starting a clock; 

computer readable program code means for receiving a third ciphertext and g y 
modulo p from said remote party, stopping the clock, and computing an elapsed time 
interval of said clock; 

computer readable program code means for deriving* key k B from g y modulo 
25 p, computing g xy modulo p, deriving a key kAB from g xy modulo p, decrypting said 

second ciphertext with ke to recover a second challenge signal from said remote party, 
decrypting said third ciphertext to recover a first response signal ffqm said remote 
party; 

computer readable program code means for verifying that said elapsed time of 
30 the clock is within a predetermined interval (TL A) TU A ), where TL A and Tl^\ are 
positive numbers; 
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scomputer readable program code means for verifying that said second 
challenge\signal is produced by said remote party; 

compter readable program code means for producing a second response 
signal of minimum duration T 5 encrypting said second response signal with Icab and 
sending a fourth qiphertext to said remote party; 

computer readable program code means for verifying that said first response 
signal is a response prbduced by said remote party to said first challenge signal; and 

computer readable program code means for generating a key k from g xy 
modulo p for secure communications with said remote party. 

16. The computer program produpt^adcording to claim 15, wherein T is 
larger than the channel transmissibn and processing^if^ - 

17. The computer program^product acjcprdifig to claim 15, wherein said 
challenge signals and response signals represent biometrics characteristics of the 
producing parties. 




20 



18. The computer program product according to claim 17, wherein said 
biometrics characteristics include the voice of a person. 

\ 

19. The computer program product according\to claim ISj&Hff] wherein 
verification of said first response signal and said second cnJallenge signal from said 
remote party is based on familiarity of remote party's biometrics characteristics. 



25 20. The computer program product according to claim \5, wherein 

encryption of said challenge and response signals is performed using^a cryptographic 
commitment function. 



21. The computer program product according to claim 15, where\rL A is ti 
30 + t 2 and TUa is ti + t 2 + T, with ti being the duration of said first challenge sigmil and 
t 2 being the duration of said first response signal. \ 
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idte pajty, deriving a key k A from and g x 
second challenge signal from 



A method of authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 
channel, said^method including the steps of: 
5 receivin&a first ciphertext from said remote party, generating a random 

number y, computing g y modulo p, where g and p are numbers; 

producing a nj st challenge signal of a minimum duration T, where T is a fixed 
time interval; 

deriving a key ke^om g y modulo p, encrypting said first challenge signal with 
10 k B and a symmetric key cr^tosystem, and sending a second ciphertext to said remote 
party; . 

receiving g x modulo p frbm said r^mot 
modulo p, decrypting said first ciphertext to 
said remote party; 

1 5 verifying that said second challenge signal is produced by said remote party, 

producing a first response signal of said minimum duration T; 

computing g xy modulo p, deriving a\ey kAB from g xy modulo p, encrypting 
said first response signal, sending a third cipli^rtext and g y modulo p to said remote 
party, and starting a clock; \ 
20 receiving a fourth ciphertext, stopping saidSclock, computing the elapsed time 

of the clock, and decrypting the fourth ciphertext to recover a second response signal 
from said remote party; 

verifying that said elapsed time of said clock is within a predetermined interval 
(TLb, TUb), where TLb and TUb are positive numbers; 
25 verifying that said second response signal is a responsfe produced by said 

remote party to said first challenge signal; and 

generating a key k from g xy modulo p for secure communications with the 
remote party. 



30 23. The method according to claim 22, wherein T is larger thsixj the channel 

transmission and processing delay 
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The method according to claim 22, wherein said challenge signals and 
response signals are signals representing biometrics characteristics. 




25. The method according to claim 22, wherein verification of said second 
challenge signal ahd said second response signal from remote party is based on 
familiarity with a reikote party's biometrics characteristics. 



26. The method according to claim 22, wherein encryption of said 
challenge and response signals is carried oi^bylfcrj^tographic commitment function. 




27. The method according to claim 22, wherein TLb is t3 + U and TUb is t3 
+ t4 + T, with t3 being the duration\f the first challenge signal and U being the 
duration of the second response signaiy 

28. An apparatus for authenticating a remote party and establishing a 
cryptographic key for secure communicationssyia an insecure communications 
channel, said apparatus including: 

means for receiving a first ciphertext from kid remote party, generating a 
random number y, computing g y modulo p, where g and p are numbers; 

means for producing a first challenge signal of a^mnimum duration T, where 
T is a fixed time interval; 

means for deriving a key ke from g y modulo p, encrypting said first challenge 
signal with ke and a symmetric key cryptosystem, and sending a second ciphertext to 
said remote party; \^ 

means for receiving g x modulo p from said remote party, deriving a key kA 
from and g x modulo p, decrypting said first ciphertext to recover a second challenge 
signal from said remote party; 

means for verifying that said second challenge signal is produced by\aid 
remote party, producing a first response signal of said minimum duration T; 
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means for computing g xy modulo p, deriving a key Icab from g xy modulo p, 
encryptihg said first response signal, sending a third ciphertext and g y modulo p to 
said remotkparty, and starting a clock; 

meankfor receiving a fourth ciphertext, stopping said clock, computing the 
elapsed time orthe clock, and decrypting the fourth ciphertext to recover a second 
response signal from said remote party; 

means for verifying that said elapsed time of said clock is within a 
predetermined interval^TLe, TUb), where TLb and TUb are positive numbers; 

means for verifying that said second response signal is a response produced by 
said remote party to said fust challenge signal; and 

means for generating^ key k from g^jmodulo p for secure communications 
with the remote party. 




29. The apparatus according to c^aim28^wherein T is larger than the 
channel transmission and processing^delay 

30. The apparatus according^) claim 28, wherein said challenge signals 
and response signals are signals representing biometrics characteristics. 

31. The apparatus according to claim 28, wherein verification of said 
second challenge signal and said second response signal from remote party is based on 
familiarity with a remote party's biometrics characteristics. 

32. The apparatus according to claim 28, wherein encryption of said 
challenge and response signals is carried out by a cryptographic commitment function. 



33. The apparatus according to claim 28, wherein\TL B is t 3 + U and TUb is 
t3 + U + T, with t 3 being the duration of the first challenge signkl and t 4 being the 
duration of the second response signal. \ 
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3^. A computer program product having a computer usable medium having 
a computer\eadable program code means embodied therein for authenticating a 
remote party and establishing a cryptographic key for secure communications via an 
insecure communications channel, said computer program product including: 
5 computer readable program code means for receiving a first ciphertext from 

said remote party, geherating a random number y, computing g y modulo p, where g 
and p are numbers; \ 

computer readable\program code means for producing a first challenge signal 
of a minimum duration T, \^here T is a fixed time interval; 
10 computer readable program code means for deriving a key k B from g y modulo 

p, encrypting said first challeng^signal with kB^d_a^ymmetric key cryptosystem, 
and sending a second ciphertext to\said remot^ ppity; ) 

computer readable program code means fo "receiving g x modulo p from said 
remote party, deriving a key k A from afad g x modulo jr,.decrypting said first ciphertext 
15 to recover a second challenge signal from said remote party; 

computer readable program code means for verifying that said second 
challenge signal is produced by said remote\arty, producing a first response signal of 
said minimum duration T; \ 

computer readable program code means ibr computing g xy modulo p, deriving 
20 a key kAB from g xy modulo p, encrypting said first response signal, sending a third 
ciphertext and g y modulo p to said remote party, andWarting a clock; 

computer readable program code means for receiving a fourth ciphertext, 
stopping said clock, computing the elapsed time of the cl^ck, and decrypting the 
fourth ciphertext to recover a second response signal from said remote party; 
25 computer readable program code means for verifying mat said elapsed time of 

said clock is within a predetermined interval (TLb, TUb), where \fL B and TUb are 
positive numbers; 

computer readable program code means for verifying that saiH second response 
signal is a response produced by said remote party to said first challenge signal; and 
30 computer readable program code means for generating a key k frc^m g xy 

modulo p for secure communications with the remote party. 
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The computer program product according to claim 34, wherein T is 
larger thairthe channel transmission and processing delay 

36. ishe computer program product according to claim 34, wherein said 
challenge signals and response signals are signals representing biometrics 
characteristics. \ 

37. The computer program product according to claim 34, wherein 
verification of said second\challenge signal and said second response signal from 
remote party is based on familiarity with a remote parly's biometrics characteristics. 



0?\ , 

38. The computer pro-am product ^cc^ding to claim 34, wherein 
encryption of said challenge and response signals is carried out by a cryptographic 
commitment function. 



39. The computer program product according to claim 34, wherein TLb is 
t3 + t4 and TUb is t 3 + U + T, with t 3 being\the duration of the first challenge signal and 
t4 being the duration of the second responseVgnal. 

40. A method of authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 
channel, said method including the steps of: 

generating a first challenge signal of minimurti\duration T, where T is a fixed 
time interval; 

generating a random number x, computing g x modklo p, where g and p are 
numbers, deriving a key k A from g x modulo p, encrypting said first challenge signal 
with k A and a symmetric key cryptosystem, and sending a firstVciphertext to said 
remote party; \ 

receiving a second ciphertext, sending g x modulo p to said remote party, and 
starting a clock; 
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rbeeiving g y modulo p, computing a key ke from g y modulo p, decrypting the 
second cipnertext to recover a second challenge signal from said remote party; 

verifying said second challenge statement to ensure that said second challenge 
statement is produced by said remote party, and producing a first response signal of 
5 minimum duration T; 

computing^ modulo p, deriving a key kAB from g xy modulo p, encrypting 
said first response si^ial and sending a third ciphertext to said remote party; 

receiving a fourth ciphertext from said remote party, stopping said clock, 
decrypting the fourth cipnertext with k^B to recover a second response signal from 
1 0 said remote party; \ 

verifying that said elapsed time of said clock is within a predetermined interval 
(tl A3 tu A ), where tl A and tu A are positive numbors;f\ J 

verifying that said second response signaHs^arebponse produced by said 
remote party to said first challenge signal; and j 
15 generating a key k from g xy modulo p for secure communications with said 

remote party. 

41 . The method according to clainr^O, wherein T is larger than the channel 
transmission and processing delay 

20 

42. The method according to claim 40, wtierein said challenge signals and 
response signals are signals representing biometrics characteristics. 

43. The method according to claims 40, wherei^yverification of said 
25 second response signal and said second challenge signal fromyremote party is based on 

familiarity of remote party's biometrics characteristics. 

44. The method according to claim 40, wherein encryption of said 
challenge and response signals is carried out by a cryptographic commitment function. 

30 
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The method according to claim 40, where tl A is Ti + T 2 and tUA is Ti + 
T 2 + T, with Ti being the duration of said first challenge signal and T2 being the 
duration of said second response signal. 

5 46. Ari apparatus for authenticating a remote party and establishing a 

cryptographic key for secure communications via an insecure communications 
channel, said apparatus including: 

means for generating a first challenge signal of minimum duration T, where T 
is a fixed time interval; \ 
10 means for generating a random number x 5 computing g x modulo p, where g 

and p are numbers, deriving a\key k A from g x modulo p, encrypting said first challenge 
signal with k A and a symmetric^key cryptosyste^^id^en^ing a first ciphertext to said 
remote party; 

means for receiving a seconcl ciphertext, sending gk modulo p to said remote 



15 party, and starting a clock; 

means for receiving g y modulo p\ computing a key k B from g y modulo p, 
decrypting the second ciphertext to recover^ a second challenge signal from said 
remote party; \ 

means for verifying said second challenge statement to ensure that said second 
20 challenge statement is produced by said remote p^rty, and producing a first response 
signal of minimum duration T; \ 

means for computing g xy modulo p, deriving a^key kAB from g xy modulo p, 
encrypting said first response signal and sending a third ciphertext to said remote 
party; \ 
25 means for receiving a fourth ciphertext from said remote party, stopping said 

clock, decrypting the fourth ciphertext with kAB to recover a second response signal 
from said remote party; 

means for verifying that said elapsed time of said clock is within a 
predetermined interval (tl A , tu A ), where tl A and tu A are positive numbers; 
30 means for verifying that said second response signal is a response\produced by 

said remote party to said first challenge signal; and 



20 
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\^eans for generating a key k from g xy modulo p for secure communications 
with said remote party. 




47. The apparatus according to claim 46, wherein T is larger than the 
channel transmission and processing delay 



48. The apparatus according to claim 46, wherein said challenge signals 
and response signals are signals representing biometrics characteristics. 



10 49. The apparatus according to claims 46, wherein verification of said 

second response signal and said^second challenge signal from remote party is based on 
familiarity of remote party's biometrics charact^sti£sT 

50. The apparatus according to claim 46j^wherfein encryption of said 
15 challenge and response signals is carried^out by a cryptographic commitment function. 

51 . The apparatus according to claim 46, where tl A is Ti + T 2 and tu A is Ti 
+ T2 + T, with Ti being the duration of said ficst challenge signal and T 2 being the 



duration of said second response signal. 



52. A computer program product havingVa computer usable medium having 
a computer readable program code means embodied therein for authenticating a 
remote party and establishing a cryptographic key for secure communications via an 
insecure communications channel, said computer program\^roduct including: 

25 computer readable program code means for generating a first challenge signal 

of minimum duration T, where T is a fixed time interval; \ 

computer readable program code means for generating a random number x, 
computing g x modulo p, where g and p are numbers, deriving a keyJc A from g x modulo 
p, encrypting said first challenge signal with k A and a symmetric keyVryptosystem, 

30 and sending a first ciphertext to said remote party; 
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chmputer readable program code means for receiving a second ciphertext, 
sending g x inodulo p to said remote party, and starting a clock; 

computer readable program code means for receiving g y modulo p, computing 
a key k& from g y modulo p, decrypting the second ciphertext to recover a second 
5 challenge signal from said remote party; 

computer readable program code means for verifying said second challenge 
statement to ensure that said second challenge statement is produced by said remote 
party, and producing a first response signal of minimum duration T; 

computer readable program code means for computing g xy modulo p, deriving 
^ 10 a key kAB from g xy modulo p, encrypting said first response signal and sending a third 

; fl ciphertext to said remote party; 

1^ computer readable program cbde means for receiving a fourth ciphertext from 

•a \ / ) 

said remote party, stopping said clock, decrypting the fpurth ciphertext with kAB to 
|^ recover a second response signal from said remote party; 

15 computer readable program code means for verifying that said elapsed time of 

;7j said clock is within a predetermined interval (tl A , tu A ), where tl A and tu A are positive 

numbers; \ 
□ computer readable program code means for verifying that said second response 

8=9 signal is a response produced by said remote party\o said first challenge signal; and 

20 computer readable program code means for generating a key k from g xy 

modulo p for secure communications with said remote party 



53. The computer program product according to c|aim 52, wherein T is 
larger than the channel transmission and processing delay 



25 




54. The computer program product according to claim 52, wherein said 
challenge signals and response signals are signals representing biometrics 
characteristics. * 



\ 

5^5. The computer program product according to claims 52, wherein 
verificatioh^of said second response signal and said second challenge signal from 
remote party is based on familiarity of remote party's biometrics characteristics. 



56. The computer program product according to claim 52, wherein 
encryption of said challenge and response signals is carried out by a cryptographic 
commitment function. 



57. The computerprogram product according to claim 52, where tU is T] 
10 T2 and tUA is Ti + T2 + T, withTi being the^duratioivpf said first challenge signal and 

T2 being the duration of said secpnd response si(|nal^ 

58. A method of authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 

15 channel, said method including the steps\^f: 

receiving a first ciphertext from remote party, generating a random number y, 
and computing g y modulo p, where g and p are numbers; 

producing a first challenge signal of mmimum duration T, where T is a fixed 
time interval; 

20 deriving a key k B from g y modulo p, encrypting said first challenge signal with 

ke and a symmetric key cryptosystem, and sending a second ciphertext; 

receiving g x modulo p, computing a key kA from\g x modulo p, decrypting said 

first ciphertext to recover a second challenge signal from remote party, sending g y to 

remote party and starting a clock; 
25 verifying said second challenge statement to make sur^sthat said second 

challenge statement is produced by said remote party, and then producing a first 

response signal of minimum duration T; 

computing g xy modulo p, deriving a key kAB from g xy modulo p^encrypting 

said first response signal and sending a third ciphertext to said remote party; 
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^ceiving a fourth ciphertext from said remote party, stopping said clock, 
decrypting^said fourth ciphertext with Icab to recover a second response signal from 
said remote party; 

verifying that said elapsed time of the clock is within an interval (tie, tue), 
5 where tie and txieVare positive numbers; 

verifying that said second response signal a response produced by said remote 
party to said first challenge signal; and 

generating a ke^k from g xy modulo p for secure communications with the 
remote party. 



10 



20 



59. The method according to claim^S^ wherein T is larger than the channel 



transmission and processing delay 



60. The method according to claim 58^wherein said challenge signals and 
15 response signals are signals representing biometrics characteristics. 



61 . The method according to claim 58, wherein verification of said second 
challenge signal and said second response signal from said remote party is based on 
familiarity of said remote party's biometrics characteristics. 



62. The method according to claim 58, wherein encryption of challenge 
and response signals are carried out by a cryptographic commitment function. 



63. The method according to claim 58, where tie is T 3 + T4 and tue is T3 + 
25 T 4 + T, with T3 being the duration of said first challenge signal and T 4 being said 



duration of said second response signal. 



64. An apparatus for authenticating a remote party and establishing a 
cryptographic key for secure communications via an insecure communications 
30 channel, said apparatus: 






keykvAB from g xy modulo p, 
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mekis for receiving a first ciphertext from remote party, generating a random 

number y, aA^ computing g y modulo p, where g and p are numbers; 

means for producing a first challenge signal of minimum duration T, where T 

is a fixed time interval; 

\ 

5 means for deriving a key k B from g y modulo p, encrypting said first challenge 

signal with k B and a symmetric key cryptosystem, and sending a second ciphertext; 

means for receiving g x modulo p, computing a key k A from g x modulo p, 
decrypting said first ciphertext to recover a second challenge signal from remote party, 
sending g y to remote party an&starting a clock; 
10 means for verifying said second challenge statement to make sure that said 

second challenge statement is produced by said remote party, and then producing a 
first response signal of minimum duration T; 

means for computing g xy modulo p, deriving a ] 
encrypting said first response signal and\ending a third ciphertext to said remote 
15 party; \ ^ 

means for receiving a fourth ciphertext from said remote party, stopping said 
clock, decrypting said fourth ciphertext with k^s to recover a second response signal 
from said remote party; \^ 

means for verifying that said elapsed time of the clock is within an interval 
20 (tl B , tu B ), where tl B and tu B are positive numbers; \^ 

means for verifying that said second response signal a response produced by 
said remote party to said first challenge signal; and \ 

means for generating a key k from g xy modulo p for secure communications 
with the remote party. 

25 

65. The apparatus according to claim 64, wherein T is larger than the 
channel transmission and processing delay 

66. The apparatus according to claim 64, wherein said challenge signals 
30 and response signals are signals representing biometrics characteristics. 
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The apparatus according to claim 64, wherein verification of said 
second challenge signal and said second response signal from said remote party is 

67. The\apparatus according to claim 64, wherein encryption of challenge 
and response signals are carried out by a cryptographic commitment function. 



68. The apparatus according to claim 64, where tl B is T 3 + T 4 and tu B is T 3 
+ T 4 + T, with T 3 being the\^uration of said first challenge signal and T 4 being said 
duration of said second response signal. 



69. A computer prograi^product having, a computer usable medium having 
a computer readable program code means embodied ^<5reinj for authenticating a 
remote party and establishing a cryptographic key for secpre communications via an 
insecure communications channel, said computer program product: 

computer readable program code means for receiving a first ciphertext from 
remote party, generating a random number y, and computing g y modulo p, where g 
and p are numbers; 

computer readable program code meansYor producing a first challenge signal 

of minimum duration T, where T is a fixed time interval; 

\ 

computer readable program code means for deriving a key k B from g y modulo 
p, encrypting said first challenge signal with k B and asymmetric key cryptosystem, 
and sending a second ciphertext; \^ 

computer readable program code means for receiving g x modulo p, computing 
a key kA from g x modulo p, decrypting said first ciphertext X .recover a second 
challenge signal from remote party, sending g y to remote party^and starting a clock; 

computer readable program code means for verifying saidssecond challenge 
statement to make sure that said second challenge statement is produced by said 
remote party, and then producing a first response signal of minimum duration T; 



^computer readable program code means for computing g xy modulo p, deriving 
a key k)[Mrom g xy modulo p, encrypting said first response signal and sending a third 
ciphertext n^said remote party; 

computer readable program code means for receiving a fourth ciphertext from 
said remote party^stopping said clock, decrypting said fourth ciphertext with kAB to 
recover a second response signal from said remote party; 

computer readable program code means for verifying that said elapsed time of 
the clock is within an interval (tl B , tu B ), where tl B and tu B are positive numbers; 



computer readable program code means for verifying that said second response 



signal a response produced b)\saki remote p 




fii-st challenge signal; and 
computer readable program ^de mearts for j^erating a key k from g xy 
modulo p for secure communications with the remote party] 

\ ^ 

70. The computer program product according to claim 69, wherein T is 
larger than the channel transmission and processing delay 



71 . The computer program product^according to claim 69, wherein said 
challenge signals and response signals are signalsVepresenting biometrics 
characteristics. 




72. The computer program product according to claim 69, wherein 
verification of said second challenge signal and said second response signal from said 
remote party is based on familiarity with said remote party^s v bi^metrics 
characteristics. 




73. The computer program product according to claim 69„ wherein 
encryption of challenge and response signals are carried out by a crypihg^^hic 
commitment function. 
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